Re: [PEN-TEST] Disaster Recovery

["Rietveld, Peter" <priet () CENTENNIUM NL>]

I agree, it appears that we just don't have enough disasters. I noticed how
a major european bank recently moved their critical systems to the top floor
of the building. It is near a major airport, not too far from where an El Al
jumbo crashed a few years ago. The previous location was bomb proof, now a
single mortar shell will do the trick. I guess the end of the cold war meant
the end to traditional disaster preparations, which were often related to
the threat of terrorism or the possibility of actual war. And when I think
of it, this it not so very strange thinking, why blow up a building if
crashing a few routers has the same effect. I think the threats actually
have changed.

In the good old days of mainframes it was also a lot easier than it is now,
how do you protect a networked data infrastructure? All that valuable data
that is sitting on PC's which aren't backed up anyway? The answer is
probably that it is too complicated a task, so we just will not think about
it. There just are no simple answers to this problem. Although some managers
consider off site data storage a sort of solution. It is easier just to
concentrate on problems we can solve.

Since it is off the hot topic lists, a list serve will not generate enough
attention. I have never seen one, allthough it is the line of my work to
monitor all the security related lists. If anyone finds one, let me know.

greetz

peter

> Members
>
> Does anyone know of a list serve that specializes in discussions related
to
> Disaster Recovery of mainframe/client-server systems. Seems like when we
> think of IT security, disaster recovery is just not the current hot topic.
> However, with the rapid deployment of national computer applications that
> integrate with multiple data centers,  extranets, ISP's, VPN's, etc..how
do
> you plan for disaster recovery??  To me, this is just as big of a computer
> security risk, as someone breaking into your computer systems. Has it
become
> to complex?  Are we just playing down the issue?  In the old days with
> mainframe computers it was pretty straight forward..however
today..different
> story.
>
> In my current job, I am a firewall administrator and also head up a team
for
> the deployment of intrusion detection and penetration security tools.  I
am
> still baffled that no one in IT seems to care much about disaster
recovery.
> Maybe, I am just not hanging out with the right types of IT folks.
However,
> I have worked for a number of companies and disaster recovery, just does
not
> seem to be an important issue when you think about computer security.
>
> _________________________________________________________________________
> Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
>
> Share information about yourself, create your own public profile at
> http://profiles.msn.com.